It’s Here: Bug Bounty Hunting Month Has Arrived
The wait is finally over—SecurityTrails Bug Bounty Hunting Month has officially started!
10 Backend Security Risks and Tips on How to Prevent Them
With modern web applications’ backends consisting of multiple servers, containers running different applications (often built from templates), and numerous software services being run, including web servers, databases, web proxies, and the like, you can see how vital it is to secure every single part of the backend. Otherwise, your entire web application’s safety and security are at risk.
Trojans: Definition, Types and Protection
Some cybersecurity threats are so old-school that you don’t really hear that much about them—and they might even appear to slow down over the years. But since the beginning of the COVID-19 pandemic, threat actors and malware authors have been finding new ways to exploit the situation the world has found itself in. One of the most common tactics we’re seeing is the use of trojans.
Axiom: A Distributed Hacking Framework for Pentesters and Red Teamers
With the arrival of the concept known as dynamic cloud a few years ago, leaders in the computing and security industries immediately seized the opportunity. Not only did this new paradigm offer flexibility and scalability, its dynamic nature also entailed a more diverse portfolio of applications and similar consumables, readily available and masterfully presented as a single, coherent platform. To security practitioners, and to penetration testers in particular, this newfound agility forever transformed the traditional in-house penetration-testing ecosystem into an entirely dynamic framework.
Building a Career in Incident Response With Cybersec Meg
Cybersecurity is one of the fastest-growing industries, while cybersecurity professionals are some of the most valuable workers of any organization, regardless of the industry. There is some talk of a cybersecurity skills gap that claims a shortage of professionals, but is that true? Or is gatekeeping dictating unrealistic expectations for entry-level positions, making it harder for newcomers to break into the industry?
Front-End Security: 10 Popular Types of Attacks and Best Practices to Prevent Them
Your web application’s front end is the first part seen everywhere. It’s the first thing that regular users and potential customers look at, but it’s also the first thing that an attacker sees—it’s the main door to your attack surface.
Recon Safari #4: Domains Riding the Robinhood Wave
During the past couple of weeks, the popular free financial trading app Robinhood made headlines for halting purchases of certain stocks. This has resulted in a lot of bad publicity for the company. And because threat actors enjoy exploiting trending news topics to their advantage, we decided to look at newly registered Robinhood domains to see how they’re being used.
February Product Updates: New HTTP Header Data in SQL Explorer and Improved Tagging
We are excited to announce new features for SurfaceBrowser™. Now you can perform a new range of HTTP header-based queries to get information from our port 443 crawled data, and gain quick access to improved tagging for faster asset discovery.
Who Are Cybercriminals? The 10 Most Infamous Cybercriminals
Throughout human history, crime has been ever-present. Whether it’s burglary, theft, fraud, extortion, vandalism, or more serious offenses, it has always followed us. But as technology progresses, criminals find more ways to conduct their illegal activities.
Risks of Expired SSL Certificates
SSL certificates have become an integral part of today’s internet. Allowing the encryption of traffic between host and client has opened up multiple opportunities for services to be accessed from anywhere, further expanding the scope of possibilities the internet has to offer.